diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix index f4baea2..d5ec7c7 100644 --- a/hosts/poseidon/default.nix +++ b/hosts/poseidon/default.nix @@ -80,6 +80,10 @@ in repo = secrets.borg-backup-repo; }; + fail2ban = { + enable = true; + }; + gitea = { enable = true; privatePort = 8082; diff --git a/services/default.nix b/services/default.nix index ab4e763..707a116 100644 --- a/services/default.nix +++ b/services/default.nix @@ -4,6 +4,7 @@ imports = [ ./bitwarden_rs.nix ./borg-backup.nix + ./fail2ban.nix ./gitea.nix ./jellyfin.nix ./matrix.nix diff --git a/services/fail2ban.nix b/services/fail2ban.nix new file mode 100644 index 0000000..c5609ed --- /dev/null +++ b/services/fail2ban.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.my.services.fail2ban; +in { + options.my.services.fail2ban = { + enable = mkEnableOption "Enable fail2ban"; + }; + + config = mkIf cfg.enable { + services.fail2ban.enable = true; + }; +}